Aon Cyber Security 2018 Predictions: Insights on the Insiders

Stroz Friedberg, an Aon company specializing in risk management, just released its 2018 Cyber Security Predictions report. While one of the report’s eight predictions focuses exclusively on the role of insiders in cyber security incidents, two other predictions have relevance to the insider threat problem.

The report notes the European Union’s upcoming rollout of the General Data Protection Regulation (GDPR), which governs consumer data privacy. The GDPR will impact all companies that collect data of EU citizens. Governments in Australia, Japan, and South Korea, though aligned with the EU approach, have “more moderate enforcement and penalties”. Finally, US regulations such as the New York Department of Financial Services (NYDFS) cyber security regulation have had a big impact on the financial services industry globally.

Our take on the impact to insider threat detection and prevention: Across all industries, new regulations will impact how organizations will prepare for and respond to insider threats. Non-compliance with regulations and mitigation after an incident will cost more going forward. Organizations will need to invest more to audit insider access and prove compliance (similar to HIPAA requirements). Fines will be substantial.

Insiders – and Their IoT – Exist Throughout the Supply Chain

The report sees an increasing need for organizations to assess the risk of partners, specifically in how partners use the IoT. Their prediction, however, is that this will not occur and that “a large company will be brought down by an attack on a small vendor or contractor that targets the IoT as a way into their network”.

The perception – whether fact or fiction in a specific case – is that small and midsized businesses tend to devote less priority and budget to security. Consequently, the report predicts, attackers will target SMBs (and their IoT) as a way to get access to bigger fish.

Our take on the impact to insider threat detection and prevention: Partners and vendors are a type of insider, with access to an organization’s sensitive data and systems. Organizations will need to do more to assess and manage risk in the supply chain. All businesses are susceptible to being attacked and IoT is the latest entry point.

Organizations Will Continue to Underestimate the Insider Threat

The report’s final prediction: “Insider risks plague organizations as they underestimate their critical vulnerability and liability, and major attacks continue to fly under the radar.”

The report notes two trends driving the rise of the insider threat:

The rise of the gig economy with its freelance and part-time members dramatically impacts the employer-worker relationship.

Corporations depersonalizing the workforce and creating more virtually connected ecosystems has impacted the level of an employee’s psychological investment and engagement in their organization.

A lack of employee investment and engagement is likely to drive insider threats – whether negligent or malicious in nature.

Media hunger for private documents … is fueling the motivation to expose and leak information from inside sources.

So, whether it’s employees choosing convenience over security, criminals who target insiders, or disgruntled workers taking intellectual property on their way out the door, insiders remain a vulnerable point within the organization.

The report predicts we’ll see more companies held legally liable for damaging incidents caused by insiders, noting the 2017 UK case of Morrisons Supermarkets where a former senior auditor for the retailer posted the payroll data of nearly 100,000 staff online. A court ruled the supermarket was liable for the leak, and thousands of the staff will now be allowed to lodge compensation claims.

Our take on the impact to insider threat detection and prevention: Global Workplace Analytics reports that 3.7 million employees (2.8% of the workforce) now work from home at least half the time. Regular work-at-home, among the non-self-employed, has grown by 115% since 2005, nearly 10x faster than the rest of the workforce.

The rise of the remote workforce has a real potential to heighten the insider threat for the reason the Aon report highlights: a depersonalized workforce feels less invested in the employer. Organizations will increasingly turn to employee monitoring software to help protect sensitive data from insider threats.

Marianna Noll is a Maryland-based writer with an interest in the impact that technology has on organizations and users. She writes about software, user adoption and engagement with software, and IT security.